{"version":"1.0","provider_name":"Support | Kriesi.at - Premium WordPress Themes","provider_url":"https:\/\/kriesi.at\/support","author_name":"tol_kis","author_url":"https:\/\/kriesi.at\/support\/author\/tol_kis\/","title":"Cross site scripting vulnerability with pagination - Support | Kriesi.at - Premium WordPress Themes","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"SSfYtUyLyv\"><a href=\"https:\/\/kriesi.at\/support\/topic\/cross-site-scripting-vulnerability-with-pagination\/\">Cross site scripting vulnerability with pagination<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/kriesi.at\/support\/topic\/cross-site-scripting-vulnerability-with-pagination\/embed\/#?secret=SSfYtUyLyv\" width=\"600\" height=\"338\" title=\"&#8220;Cross site scripting vulnerability with pagination&#8221; &#8212; Support | Kriesi.at - Premium WordPress Themes\" data-secret=\"SSfYtUyLyv\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! 
This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/* ]]> *\/\n<\/script>\n","description":"We are using Acunetix scanner for our security testing. It shows us a vulnerability on sites with pagination. Is this a false positive, how can we fix this? HTTP Request: GET \/support\/knowledgebase_de\/?%25%32%37%25%36%46%25%36%45%25%36%44%25%36%46%25%37%35%25%37%33%25%36%35%25%36%46%25%37%36%25%36%35%25%37%32%25%33%44%25%32%37%25%33%35%25%35%36%25%33%34%25%36%44%25%32%38%25%33%39%25%33%30%25%33%34%25%33%32%25%33%34%25%32%39%25%32%37%25%36%32%25%36%31%25%36%34%25%33%44%25%32%37 HTTP\/1.1 Referer: https:\/\/www.XYZ.com\/ Cookie: ..... 
Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8 Accept-Encoding: gzip,deflate User-Agent: Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/83.0.4103.61 Safari\/537.36 Host: […]"}